HomeIntelligenceBrief
BREACH BRIEF🟠 High ThreatIntel

‘Cordyceps’ Malicious Pull Requests Target CI/CD Pipelines Across Major Cloud and Open‑Source Projects

Researchers uncovered a supply‑chain threat called Cordyceps that injects malicious code via pull requests into Azure Sentinel, Google AI Agent Kit, Apache Doris, Cloudflare Workers SDK, and Python Black. The scenario highlights the need for SOC 2 vendor‑management monitoring and audit‑ready evidence of PR controls.

LiveThreat™ Intelligence · 📅 June 24, 2026· 📰 darkreading.com
🟠
Severity
High
TI
Type
ThreatIntel
🎯
Confidence
High
🏢
Affected
4 sector(s)
Actions
3 recommended
📰
Source
darkreading.com

‘Cordyceps’ Malicious Pull Requests Threaten CI/CD Pipelines Across Major Cloud and Open‑Source Projects

What Happened — Researchers identified a new supply‑chain threat dubbed “Cordyceps” that injects malicious code via seemingly legitimate pull requests (PRs). The technique has been observed targeting Microsoft Azure Sentinel, Google AI Agent Development Kit, Apache Doris, Cloudflare Workers SDK, and the Python Software Foundation’s Black library. Successful PR merges can silently embed back‑doors or data‑exfiltration logic into downstream builds.

Why It Matters for Compliance & Audit Readiness

  • SOC 2 vendor‑management controls (CC6.1) require continuous monitoring of third‑party code contributions; Cordyceps shows how unchecked PRs can become a compliance breach.
  • Maintaining a defensible audit trail of PR approvals, signature verification, and automated policy enforcement provides the evidence auditors expect for a robust supply‑chain risk program.
  • Continuous‑compliance platforms that surface anomalous PR activity help demonstrate due‑diligence and mitigate the risk of unauthorized code reaching production.

Who Is Affected – Cloud‑infrastructure providers, SaaS platforms, open‑source maintainers, and any organization that integrates third‑party libraries through automated CI/CD pipelines.

Recommended Actions

  • Enforce signed commits and mandatory reviewer approvals for all external contributions.
  • Integrate automated static‑analysis and provenance checks into CI pipelines to flag unexpected code patterns.
  • Map these controls to SOC 2 CC6.1 (Vendor Management) and retain logs as audit evidence.

Source: Dark Reading

Technical Notes – The attack leverages the trust model of open‑source contribution workflows; no public CVE is associated, but the vector is “malicious pull request” via third‑party dependency injection. Affected data includes source code, build artifacts, and potentially runtime secrets.

Source: Dark Reading

📰 Original Source
https://www.darkreading.com/application-security/cordyceps-malicious-pull-requests-developer-workflows

This LiveThreat Intelligence Brief is an independent analysis. Read the original reporting at the link above.

From the Verisq platform · Vendor Risk Hub

Point-in-time vendor reviews miss incidents like this.

Verisq AI Trust Operations replaces the annual questionnaire with continuous third-party monitoring — so vendor exposure becomes audit evidence, not a once-a-year guess.

See how Verisq AI Trust Operations works →